Skip to content

Fluepke/ssh-scanner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
.gitignore
.gitignore
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

ssh-scanner

Some (hacky) fast SSH-Scanner to try some credential at ✨ webscale ✨ against a lot (or maybe even all IPv4) SSH servers.

Usage

As a preparation masscan the target network for open SSH servers, write a text file, one target IP per line.

Usage of ./ssh-scanner:
  -cpuprofile string
    	write cpu profile to file
  -input string
    	Text file with ip addresses (default "in.txt")
  -logfile string
    	Logfile (default "log.jsonl")
  -p int
    	Parallelism, must be smaller than: net.ipv4.ip_local_port_range (second value - first value) (default 40000)
  -pass string
    	SSH password
  -src string
    	Comma separated list of source IP addresses to use
  -user string
    	SSH user

Considerations

  • Tuning TCP kernel parameters yields better, faster results
  • You'll get a bunch of abuse complaints, much more than from a masscan -> talk to you ISP or be your ISP
  • Code quality could be improved, this was a quick hack to determine impact of some hardcoded credentials in some internet of shit device
  • More features could be added, e.g. writing results to an Elasticsearch or database
  • -p means parallelism and not 'port', I am sorry and noticed only while writing this README :p

About

A fast scanner to try SSH credentials against millions of hosts

Resources

Readme
Activity

Stars

6 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages